Enterprise Architect- Application Security and Cloud Platform (On-Site in Springfield, MO)

POSITION SUMMARY

The Enterprise Architect for Application Security & Cloud Platform will work onsite at our corporate office in Springfield MO. and is a senior strategic role within IT Security responsible for defining governing and continuously improving the secure-by-design architecture for applications and cloud platforms across the enterprise. Operating at an enterprise-wide scope this role provides architectural leadership spanning secure application patterns cloud-native platform controls identity containerization API security and integration governance.

You will collaborate across Security Engineering Operations and business technology teams to ensure all application and platform designs meet enterprise risk tolerance regulatory standards and modern architectural principles. This role will define the long-term vision for secure application and cloud platform architecture develop enterprise guardrails and reusable patterns and guide solution and domain architects in consistent adoption.

This position is based at our corporate office in Springfield MO.

ESSENTIAL FUNCTIONS

Enterprise Security Architecture Leadership

• Define the enterprise architecture strategy for application security and cloud platform security
• Develop and govern secure design principles reference architectures and reusable security patterns
• Partner with Security to align enterprise architecture with risk compliance and threat intelligence
• Lead architecture review boards (ARBs) in evaluating system designs for adherence to enterprise guardrails
• Provide architectural oversight for major programs transformation initiatives and cloud modernization efforts

Application Security Architecture (Cloud & Legacy)

• Architect secure application patterns across microservices APIs serverless workloads and legacy platforms
• Define enterprise-wide secure coding standards threat modeling frameworks and application-layer guardrails
• Evaluate and select application security platforms (SAST DAST SCA RASP API security etc.)
• Oversee security integration into CI/CD pipelines supporting enterprise DevSecOps maturity
• Guide development teams on secure design vulnerability mitigation and adoption of shift-left practices

Cloud Platform Security Architecture (Azure & GCP)

• Architect enterprise-secure patterns for identity workload isolation data protection and perimeter-less security
• Develop and enforce security architecture for container platforms serverless Kubernetes and cloud-native services
• Define enterprise controls leveraging CSPM CWPP CNAPP zero trust and identity-first security models
• Partner with Cloud Engineering to implement platform guardrails landing zones and compliance automation
• Establish enterprise standards for multi-cloud security configurations logging and monitoring

Legacy Platform Security Architecture

• Define strategic direction for securing legacy WebSphere Commerce Suite (WCS) and similar systems
• Develop compensating controls hardening baselines and integration security patterns
• Lead architectural decision-making for modernization and migration paths away from legacy platforms

Governance Standards & Strategic Innovation

• Create and maintain policies standards and architecture principles governing secure application and cloud design
• Conduct enterprise-level threat modeling and risk assessments across platforms and business solutions
• Serve as the primary architecture liaison with audit risk and compliance stakeholders (PCI SOC 2 NIST ISO)
• Evaluate emerging technologies conduct platform capability assessments and guide long-term investment strategy
• Mentor solution architects engineers and developers across ETS pillars on secure architecture practices

EXPERIENCE & QUALIFICATIONS

• Bachelors degree in Computer Science Engineering or equivalent experience
• 12 years in software architecture application security or cloud platform architecture
• 7 years designing and securing cloud-native architectures in Azure or GCP
• Deep expertise in secure application patterns DevSecOps and CI/CD security integration
• Strong architectural knowledge of microservices Kubernetes containers and serverless
• Familiarity with legacy platform security including WCS or Java-based enterprise systems
• In-depth understanding of cloud-native security services (Azure Defender GCP SCC etc.)
• Expertise with OWASP NIST Zero Trust secure design principles and threat modeling
• Professional certifications preferred: CISSP CCSP CSSLP GCSA TOGAF or Azure/GCP Architect
• Strong executive communication and ability to influence across Security Engineering and Operations

TRAVEL REQUIREMENTS:
Occasional travel to visit key facilities or in support of team meetings (less than 15%)

PHYSICAL REQUIREMENTS:
Regularly performs computer work and sits
Occasionally walks and stands
Seldom/never lifts up to 50lbs

INDEPENDENT JUDGEMENT:
Develops strategic direction goals plans and policies for application security. Sets broad objectives and is accountable for overall results in respective area of responsibility. Requires high degree of independent judgment and problem solving of complex problems.

Full Time Benefits Summary:
Enjoy discounts on retail merchandise our restaurants world-class resorts and conservation attractions!

• Medical
• Dental
• Vision
• Health Savings Account
• Flexible Spending Account
• Voluntary benefits
• 401k Retirement Savings
• Paid holidays
• Paid vacation
• Paid sick time
• Bass Pro Cares Fund
• And more!

Bass Pro Shops is an equal opportunity employer. Hiring decisions are administered without regard to race color creed religion sex pregnancy sexual orientation gender identity age national origin ancestry citizenship status disability veteran status genetic information or any other basis protected by applicable federal state or local law.

Reasonable Accommodations

Qualified individuals with known disabilities may be entitled to reasonable accommodation under the Americans with Disabilities Act and certain state or local laws.
If you need a reasonable accommodation for any part of the application process please visit your nearest location or contact us at